From Digital Age to Nano Age. WorldWide.

Tag: latest

Robotic Automations

European police chiefs target E2EE in latest demand for 'lawful access' | TechCrunch

In the latest iteration of the neverending (and always head-scratching) crypto wars, Graeme Biggar, the director general of the UK’s National Crime Agency (NCA), has called on Instagram-owner Meta to rethink its continued rollout of end-to-end encryption (E2EE) — with web users’ privacy and security pulled into the frame yet again.

The call follows a joint declaration by European police chiefs, including the UK’s own, published Sunday — expressing “concern” at how E2EE is being rolled out by the tech industry and calling for platforms to design security systems in such a way that they can still identify illegal activity and sent reports on message content to law enforcement.

In remarks to the BBC today, the NCA chief suggested Meta’s current plan to beef up the security around Instagram users’ private chats by rolling out so-called “zero access” encryption, where only the message sender and recipient can access the content, poses a threat to child safety. The social networking giant also kicked off a long-planned rollout of default E2EE on Facebook Messenger back in December.

“Pass us the information”

Speaking to BBC Radio 4’s Today program on Monday morning, Biggar told interviewer Nick Robinson: “Our responsibility as law enforcement… is to protect the public from organised crime, from serious crime, and we need information to be able to do that.

“What is happening is the tech companies are putting a lot of the information on to end-to-end encrypted. We have no problem with encryption, I’ve got a responsibility to try and protect the public from cybercrime, too — so strong encryption is a good thing — but what we need is for the companies to still be able to pass us the information we need to keep the public safe.”

Currently, as a result of being able to scan message content where E2EE has not been rolled out, Biggar said platforms are sending tens of millions of child-safety related reports a year to police forces around the world — adding a further claim that “on the back of that information we typically safeguard 1,200 children a month and arrest 800 people”. Implication being those reports will dry up if Meta proceeds expanding its use of E2EE to Instagram.

Pointing out that Meta-owned WhatsApp has had the gold standard encryption as its default for years (E2EE was fully implemented across the messaging platform by April 2016), Robinson wondered if this wasn’t a case of the crime agency trying to close the stable door after the horse has bolted?

To which he got no straight answer — just more head-scratching equivocation.

Biggar: “It is a trend. We are not trying to stop encryption. As I said, we completely support encryption and privacy and even end-to-end encryption can be absolutely fine. What we want is the industry to find ways to still provide us with the information that we need kind.”

His intervention follows a joint declaration of around 30 European police chiefs, published Sunday, in which the law enforcement heads urge platforms to adopt unspecified “technical solutions” that they suggest can enable them to offer users robust security and privacy at the same time as maintaining the ability to spot illegal activity and report decrypted content to police forces.

“Companies will not be able to respond effectively to a lawful authority,” the police chiefs suggest, raising concerns that E2EE is being deployed in ways that undermine platforms’ abilities to identify illegal activity themselves and also their ability to send content reports to police.

“As a result, we will simply not be able to keep the public safe,” they claim, adding: “We therefore call on the technology industry to build in security by design, to ensure they maintain the ability to both identify and report harmful and illegal activities, such as child sexual exploitation, and to lawfully and exceptionally act on a lawful authority.”

A similar “lawful access” mandate was adopted on encrypted by the European Council back in a December 2020 resolution.

Client-side scanning?

The European police chiefs declaration does not explain which technologies they want platforms to deploy in order to enable CSAM-scanning and law enforcement to be sent decrypted content. But, most likely, it’s some form of client-side scanning technology they’re lobbying for — such as the system Apple had been poised to roll out in 2021, for detecting child sexual abuse material (CSAM) on users’ own devices, before a privacy backlash forced it to shelve and later quietly drop the plan. (Though Apple did roll out CSAM-scanning for iCloud Photos.)

European Union lawmakers, meanwhile, still have a controversial message-scanning CSAM legislative plan on the table. Privacy and legal expertsincluding the bloc’s own data protection supervisor — have warned the draft law poses an existential threat to democratic freedoms, as well as wreaking havoc with cybersecurity. Critics of the plan also argue it’s a flawed approach to child safeguarding, suggesting it’s likely to cause more harm than good by generating lots of false positives.

Last October parliamentarians pushed back against the Commission proposal, backing a substantially revised approach that aims to limit the scope of so-called CSAM “detection orders”. However the European Council has yet to agree its position. So where the controversial legislation will end up remains to be seen. This month scores of civil society groups and privacy experts warned the proposed “mass surveillance” law remains a threat to E2EE. (In the meanwhile EU lawmakers have agreed to extend a temporary derogation from the bloc’s ePrivacy rules that allows for platforms to carry out voluntary CSAM-scanning — but which the planned law is intended to replace.)

The timing of the joint declaration by European police chiefs suggests it’s intended to amp up pressure on EU lawmakers to stick with the CSAM-scanning plan despite trenchant opposition from the parliament. (Hence they also write: “We call on our democratic governments to put in place frameworks that give us the information we need to keep our publics safe.”)

The EU proposal does not prescribe particularly technologies that platforms must use to scan message content to detect CSAM either but critics warn it’s likely to force adoption of client-side scanning — despite the nascent technology being immature and unproven and simply not ready for mainstream use as they see it, which is another reason they’re so loudly sounding the alarm.

Robinson didn’t ask Biggar if police chiefs are lobbying for client-side scanning specifically but he did ask whether they want Meta to “backdoor” encryption. Again, the answer was fuzzy.

“We wouldn’t call it a backdoor — and exactly how it happens is for industry to determine. They are the experts in this,” he demurred, without specifying exactly what they do want, as if finding a way to circumvent strong encryption is a simple case of techies needing to nerd harder.

A confused Robinson pressed the UK police chief for clarification, pointing out information is either robustly encrypted (and so private) or it’s not. But Biggar danced even further away from the point — arguing “every platform is on a spectrum”, i.e. of information security vs information visibility. “Almost nothing is at the absolutely completely secure end,” he suggested. “Customers don’t want that for usability reasons [such as] their ability to get their data back if they’ve lost a phone.

“What we’re saying is being absolute on either side doesn’t work. Of course we don’t want everything to be absolutely open. But also we don’t want everything to be absolutely closed. So we want the company to find a way of making sure that they can provide security and encryption for the public but still provide us with the information that we need to protect the public.”

Non-existent safety tech

In recent years the UK Home Office has been pushing the notion of so-called “safety tech” that would allow for scanning of E2EE content to detect CSAM without impacting user privacy. However a 2021 “Safety Tech” challenge it ran, in a bid to deliver proof of concepts for such a technology, produced results so poor that the cyber security professor appointed to independently evaluate the projects, the University of Bristol’s Awais Rashid, warned last year that none of the technology developed for the challenge is fit for purpose, writing: “Our evaluation shows that the solutions under consideration will compromise privacy at large and have no built-in safeguards to stop repurposing of such technologies for monitoring any personal communications.”

If technology does exist to allow law enforcement to access E2EE data in the plain without harming users’ privacy, as Biggar appears to be claiming, one very basic question is why can’t police forces explain exactly what they want platforms to implement? (Reminder: Last year reports suggested government ministers had privately acknowledged no such privacy-safe E2EE-scanning technology currently exists.)

TechCrunch contacted Meta for a response to Biggar’s remarks and to the broader joint declaration. In an emailed statement a company spokesperson repeated its defence of expanding access to E2EE, writing: “The overwhelming majority of Brits already rely on apps that use encryption to keep them safe from hackers, fraudsters, and criminals. We don’t think people want us reading their private messages so have spent the last five years developing robust safety measures to prevent, detect and combat abuse while maintaining online security.

“We recently published an updated report setting out these measures, such as restricting people over 19 from messaging teens who don’t follow them and using technology to identify and take action against malicious behaviour. As we roll out end-to-end encryption, we expect to continue providing more reports to law enforcement than our peers due to our industry leading work on keeping people safe.” 

The company has weathered a string of similar calls from a string of UK Home Secretaries over the Conservative governments’ decade+ run. Just last September then Home Secretary, Suella Braverman, warned Meta it must deploy unspecified “safety measures” alongside E2EE — warning the government could use powers in the Online Safety Bill (now Act) to sanction the company if it failed to play ball.

Asked by Robinson if the government could (and should) act if Meta does not change course on E2EE, Biggar both invoked the Online Safety Act and pointed to another (older) piece of legislation, the surveillance-enabling Investigatory Powers Act (IPA), saying: “Government can act and government should act and it has strong powers under the Investigatory Powers Act and also the Online Safety Act to do so.”

Penalties for breaches of the Online Safety Act can be substantial — with Ofcom empowered to issues fines of up to 10% of worldwide annual turnover.

In another concerning step for people’s security and privacy, the government is in the process of beefing up the IPA with more powers targeted at messaging platforms, including a requirement that messaging services clear security features with the Home Office before releasing them.

The controversial plan to further expand IPA’s scope has triggered concern across the UK tech industry — which has suggested citizens’ security and privacy will be put at risk by the additional measures. Last summer Apple also warned it could be forced to shut down mainstream services like iMessage and FaceTime in the UK if the government did not rethink the expansion of surveillance powers.

There’s some irony in the latest law enforcement-led lobbying campaign aimed at derail the onward march of E2EE across mainstream digital services hinging on a plea by police chiefs against binary arguments in favor of privacy — given there has almost certainly never been more signals intelligence available for law enforcement and security services to scoop up to feed their investigations, even factoring in the rise of E2EE. So the idea that improved web security will suddenly spell the end of child safeguarding efforts is itself a distinctly binary claim.

However anyone familiar with the decades long crypto wars won’t be surprised to see double standard pleas being deployed in bid to weaken online security as that’s how this propaganda war has always been waged.

Software Development in Sri Lanka

Robotic Automations

Watch: TikTok and Meta's latest moves signal a more commodified internet | TechCrunch

The internet’s mega-platforms are slowly merging into a great blob of sameness, and even the hottest companies in the world are not immune from the trend. TikTok’s winning strategy to focus on short-form, vertical video has found fans amongst other internet platforms, and now TikTok is taking a page from its rival, books, reportedly borrowing from what made them popular.

TikTok is working toward launching a new app called TikTok Notes that will allow users to post images in an apparent bid to rival Instagram, a service best known for its static-photo-sharing feature. Instagram, of course, has expanded into video and stories itself, taking pieces of other services and incorporating them into its own product.

Instagram’s parent company Meta’s other services are frequent borrowers as well. As is nearly every social service you can imagine. Recall that great Stories Boom that led to everyone from Line to Spotify to Instagram to LinkedIn trying out the popular sharing format. If it works for one social media service, expect the rest to follow in some manner at some point — probably sooner rather than later.

There’s good logic behind the effort. The answer is why X wants to become a super app; the more a service can offer its userbase to do, the more time they may spend inside the app’s walls. Expanding a feature set can bolster engaged time, and therefore how much revenue a social media service can earn. At the same time, bloat is a real issue that can dilute a user experience and render an app, well, Facebook in time.

This theme — the slow commodification of digital services via sameification — is similar to why we’re seeing LinkedIn try to ape The New York Times’ gaming might, and to some degree why major platform companies in tech wind up trying to be good at everything: the never-ending need to grow revenue. Perhaps this is why your favorite app always feels more and more like an alien world as time passes. It will evolve away from what made it special, and unique, because sticking to those guns is not the way to create a service that the maximum number of people will use. For that, you need to become Facebook.

Software Development in Sri Lanka

Robotic Automations

Meta will auto-blur nudity in Instagram DMs in latest teen safety step | TechCrunch

Meta said on Thursday that it is testing new features on Instagram intended to help safeguard young people from unwanted nudity or sextortion scams. This includes a feature called “Nudity Protection in DMs,” which automatically blurs images detected as containing nudity.

The tech giant said it will also nudge teens to protect themselves by serving a warning encouraging them to think twice about sharing intimate images. Meta hopes this will boost protection against scammers who may send nude images to trick people into sending their own images in return.

The company said it is also implementing changes that will make it more difficult for potential scammers and criminals to find and interact with teens. Meta said it is developing new technology to identify accounts that are “potentially” involved in sextortion scams, and will apply limits on how these suspect accounts can interact with other users.

In another step announced on Thursday, Meta said it has increased the data it is sharing with the cross-platform online child safety program, Lantern, to include more “sextortion-specific signals.”

The social networking giant has had long-standing policies that ban people from sending unwanted nudes or seeking to coerce others into sharing intimate images. However, that doesn’t stop these problems from occurring and causing misery for scores of teens and young people — sometimes with extremely tragic results.

We’ve rounded up the latest crop of changes in more detail below.

Nudity screens

Nudity Protection in DMs aims to protect teen users of Instagram from cyberflashing by putting nude images behind a safety screen. Users will be able to choose whether or not to view such images.

“We’ll also show them a message encouraging them not to feel pressure to respond, with an option to block the sender and report the chat,” said Meta.

The nudity safety screen will be turned on by default for users under 18 globally. Older users will see a notification encouraging them to turn the feature on.

“When nudity protection is turned on, people sending images containing nudity will see a message reminding them to be cautious when sending sensitive photos, and that they can unsend these photos if they’ve changed their mind,” the company added.

Anyone trying to forward a nude image will see the same warning encouraging them to reconsider.

The feature is powered by on-device machine learning, so Meta said it will work within end-to-end encrypted chats because the image analysis is carried out on the user’s own device.

The nudity filter has been in development for nearly two years.

Safety tips

In another safeguarding measure, Instagram users who send or receive nudes will be directed to safety tips (with information about the potential risks involved), which, according to Meta, have been developed with guidance from experts.

“These tips include reminders that people may screenshot or forward images without your knowledge, that your relationship to the person may change in the future, and that you should review profiles carefully in case they’re not who they say they are,” the company wrote in a statement. “They also link to a range of resources, including Meta’s Safety Center, support helplines, for those over 18, and Take It Down for those under 18.”

The company is also testing showing pop-up messages to people who may have interacted with an account that has been removed for sextortion. These pop-ups will also direct users to relevant resources.

“We’re also adding new child safety helplines from around the world into our in-app reporting flows. This means when teens report relevant issues — such as nudity, threats to share private images or sexual exploitation or solicitation — we’ll direct them to local child safety helplines where available,” the company said.

Tech to spot sextortionists

While Meta says it removes sextortionists’ accounts when it becomes aware of them, it first needs to spot bad actors to shut them down. So, the company is trying to go further by “developing technology to help identify where accounts may potentially be engaging in sextortion scams, based on a range of signals that could indicate sextortion behavior.”

“While these signals aren’t necessarily evidence that an account has broken our rules, we’re taking precautionary steps to help prevent these accounts from finding and interacting with teen accounts,” the company said. “This builds on the work we already do to prevent other potentially suspicious accounts from finding and interacting with teens.”

It’s not clear what technology Meta is using to do this analysis, nor which signals might denote a potential sextortionist (we’ve asked for more details). Presumably, the company may analyze patterns of communication to try to detect bad actors.

Accounts that get flagged by Meta as potential sextortionists will face restrictions on messaging or interacting with other users.

“[A]ny message requests potential sextortion accounts try to send will go straight to the recipient’s hidden requests folder, meaning they won’t be notified of the message and never have to see it,” the company wrote.

Users who are already chatting with potential scam or sextortion accounts will not have their chats shut down, but will be shown Safety Notices “encouraging them to report any threats to share their private images, and reminding them that they can say ‘no’ to anything that makes them feel uncomfortable,” according to the company.

Teen users are already protected from receiving DMs from adults they are not connected with on Instagram (and also from other teens, in some cases). But Meta is taking this a step further: The company said it is testing a feature that hides the “Message” button on teenagers’ profiles for potential sextortion accounts — even if they’re connected.

“We’re also testing hiding teens from these accounts in people’s follower, following and like lists, and making it harder for them to find teen accounts in Search results,” it added.

It’s worth noting the company is under increasing scrutiny in Europe over child safety risks on Instagram, and enforcers have questioned its approach since the bloc’s Digital Services Act (DSA) came into force last summer.

A long, slow creep towards safety

Meta has announced measures to combat sextortion before — most recently in February, when it expanded access to Take It Down. The third-party tool lets people generate a hash of an intimate image locally on their own device and share it with the National Center for Missing and Exploited Children, helping to create a repository of non-consensual image hashes that companies can use to search for and remove revenge porn.

The company’s previous approaches to tackle that problem had been criticized, as they required young people to upload their nudes. In the absence of hard laws regulating how social networks need to protect children, Meta was left to self-regulate for years — with patchy results.

However, some requirements have landed on platforms in recent years — such as the U.K.’s Children Code (which came into force in 2021) and the more recent DSA in the EU — and tech giants like Meta are finally having to pay more attention to protecting minors.

For example, in July 2021, Meta started defaulting young people’s Instagram accounts to private just ahead of the U.K. compliance deadline. Even tighter privacy settings for teens on Instagram and Facebook followed in November 2022.

This January, the company announced it would set stricter messaging settings for teens on Facebook and Instagram by default, shortly before the full compliance deadline for the DSA kicked in in February.

This slow and iterative feature creep at Meta concerning protective measures for young users raises questions about what took the company so long to apply stronger safeguards. It suggests Meta opted for a cynical minimum in safeguarding in a bid to manage the impact on usage, and prioritize engagement over safety. That is exactly what Meta whistleblower Francis Haugen repeatedly denounced her former employer for.

Asked why the company is not also rolling out these new protections to Facebook, a spokeswoman for Meta told TechCrunch, “We want to respond to where we see the biggest need and relevance — which, when it comes to unwanted nudity and educating teens on the risks of sharing sensitive images — we think is on Instagram DMs, so that’s where we’re focusing first.”

Software Development in Sri Lanka

Robotic Automations

Y Combinator's latest cohort had only one LatAm startup in large part because of AI | TechCrunch

Brazilian startup Salvy, a mobile carrier for businesses, was the only company based in Latin America in Y Combinator’s latest batch, the accelerator confirmed to TechCrunch.

That’s a significant drop compared to cohorts that went through the accelerator during COVID when it was remote, but also more recent classes: There were 33 Latin American companies in Y Combinator’s Winter 2022 batch, 16 in summer 2022 and 10 in winter 2023.

One caveat to the stark Winter 2024 group data point is that the directory is not exhaustive; some companies prefer to remain in stealth mode. But that doesn’t explain the steady and now seemingly complete decline of Latin American startups in the company’s startup cohorts, and neither does the fact that Y Combinator post-pandemic batches are smaller and in-person again. In fact, you’d have to go back to summer 2015 to find a group with just a single Latin American participant.

The accelerator also cut down on efforts it previously made to incentivize startups to apply, such as the global outreach tours that once included stops in Brazil, Colombia and Mexico. The last such tour took place in 2022, and it was virtual, TechCrunch learned. It is one of several things that changed at YC since 2022 and its return to in-person batches.

Says Cristóbal Griffero, whose startup Fintoc was part of YC’s W21 cohort: “The number of YC deals has decreased overall, not just in Latin America. But if we consider that about 8% of the companies were from the region in the W22 batch, versus the current one where the region represents less than 1%, it becomes clear that Latin America is being disproportionately affected.”

Unpacking what’s at play is a worthy exercise for what it says of 2024 Y Combinator, but also of the state of LatAm startups more broadly, and where the Rappis of tomorrow could fit in.

Yesterday’s flavor?

YC declined to comment, but by now, we know its team always says it funds founders, not ideas. In other words, it doesn’t think in terms of startup categories. Still, its batches typically reveal a lot about what’s in fashion among entrepreneurs and investors. This year, it’s clearly AI.

With nearly double the number from the Winter 2023 batch and close to triple the number from Winter 2021, AI startups dominated at Y Combinator’s Winter 2024 Demo Day, my colleague Kyle Wiggers noted.

On the other hand, fintech representation has shrunk compared to previous batches: Only 8% of YC’s latest batch is listed as fintech in its director, compared to 24% in the winter of 2022. Historically, around one-third of the 231 Latin American companies that went through YC focused on fintech.

These data points could explain in big part why Latin American startups are less present in this batch. In a region with a strong need for better financial inclusion, fintech has long been a sector that entrepreneurs have loved to tackle. In contrast, deep tech companies represent only 10% of the Latin American and Caribbean startup ecosystem.

Deep tech and fintech aren’t mutually exclusive; AI-enabled fraud detection, for instance, would fall under both categories. But an AI-hungry YC would still be less aligned with Latin America’s tech scene.

It’s not just AI, though; it’s YC’s take on AI that makes it even more geographically challenging. Out of the 89 AI startups in its latest batch, 73 were based in the U.S. and Canada, 3 in Europe, and 26 remote. So much for the Paris AI buzz.

Maybe the French AI scene is overhyped. But judging by the number of Demo Day pitchers with French accents, YC isn’t backing fewer European founders than in previous years, where France was quite well represented. Only this time, maybe they aren’t based in Europe — only 13 batch participants are, according to YC’s directory.

Despite its virtual programs, YC has really been a Bay Area–based program for most of its 15 years. And in a conversation between longtimes YC partners Dalton Caldwell and Michael Seibel, Seibel conceded that startups can still “win” elsewhere but argued that the San Francisco Bay Area is still the place to be.

“Getting into the Bay Area is so relatively easy [compared] to all the other things you have to do to succeed. Choosing where to live is so relatively easy [compared] to all the other things you have to choose correctly. Why not pick up the easy wins? It’s an easy percentage multiplier. And this game is so hard, you might as well take the easy ones.”

This belief is even more widely shared for AI startups, Brazilian entrepreneur Bruno Vieira Costa told TechCrunch. “My own company is building generative AI models [and] based in Rio, so I don’t see it as necessarily true, but I understand for more junior founders, this must be relevant for mindset and references.” Vieira Costa’s task automation startup Abstra was part of Y Combinator’s summer 2021 batch.

Abstra’s founder thinks in-person batches are better for founder success, but there are trade-offs. Relocating to the Bay Area is hard for many Latin American founders, and perhaps riskier. Their experiences, college backgrounds and professional networks resonate less with U.S. investors, Vieira Costa said. Conversely, U.S. references were peppered through Demo Day, with founders mentioning their “nationwide” reach and their degrees whose fame isn’t always international.

While one cohort is not a trend, maybe YC, too, is returning to its U.S.-focused roots. YC’s latest request for startups called for companies to “bring back manufacturing to America” — a term that many in Latin America find grating — and the “new defense technology” section only mentioned the U.S. “Silicon Valley was born in the early 20th century as an R&D area for the U.S. military. … This decade is the time to return Silicon Valley to these roots,” partners Jared Friedman and Gustaf Alströmer wrote.

If YC continues to slant toward U.S. companies, that doesn’t mean its cohorts would be less diverse. Several YC alumni with Hispanic founders were U.S.-based when they applied.

Do LatAM startups need YC?

Founders who went to YC often call the experience “life-changing,” and the impact usually goes beyond their companies. Colombian startup and YC alum Rappi, for instance, turned into a startup factory. Looking into its multiplier effect, entrepreneurship network Endeavor found out that 130 founders previously worked at the on-demand delivery company, whose founders also invested in two dozen startups.

Rappi is on the list of YC alumni with the most revenue, but otherwise, there isn’t that much overlap between the accelerator’s Latin American bets and the region’s top startups.

“When you look at the biggest startups coming out of Latin America in the past five years, they didn’t go through YC,” Latitud co-founder and COO Gina Gotthilf told TechCrunch via email. “We don’t know why, but it might be that YC is better at assessing the U.S. market and opportunity. Latin America is hard, there’s a lot of local context that’s hard to understand if you don’t have a local grasp and strong network.”

Latitud describes itself as “the operating system for every venture-backed company in Latin America” and offers a software platform for software platform for incorporation and compliance, with funding from a16z and NFX. It also recently spun off its VC arm, Latitud Ventures. On some level, it makes YC a competitor, but also a potential co-investor. Salvy, the Brazilian company from its latest batch, is a Latitud portfolio company “where we were the first investor,” Gotthilf said.

Despite her bullishness about the region, Gotthilf can also see why an AI-heavy cohort includes fewer Latin American startups. “Most of the companies pitching [YC] are doing something in AI. I believe that core AI companies building LLMs in Silicon Valley have serious leverage right now and that real innovation in the field won’t be coming from Latin America so soon.”

This is also a reminder that many startups from the region aren’t applying to YC, or even seeking VC funding at all. A recent report on Latin American SaaS startups showed that one-third went for the bootstrapping route. This has pros and cons: It pushes startups to be more efficient but can also get in the way of bigger ambitions.

Griffero thinks that another factor is the region’s fragmentation, which makes it more difficult for founders to support each other, but he’s optimistic. “This situation is likely to change soon, as I’m seeing more founders from the region who are starting to think globally, instead of self-imposing the limit of being ‘X for LatAm.’”

Unlike predecessors like Mercado Libre, these companies will find venture capital firms both local and global willing to look at them and offer them less dilutive terms that weren’t the norm before YC became a potential rival.

There’s still the question of whether the math will add up for investors, since massive exits are still a rare occurrence for Latin American startups. But even if they succeed, doing it outside of YC means they won’t be part of its 10,000-alumni network. A lose-lose situation, or the price to pay for SF evolving from “doom loop” to “boom loop”? You decide.

Software Development in Sri Lanka

Robotic Automations

Google launches Code Assist, its latest challenger to GitHub's Copilot | TechCrunch

At its Cloud Next conference, Google on Tuesday unveiled Gemini Code Assist, its enterprise-focused AI code completion and assistance tool.

If this sounds familiar, that’s likely because Google previously offered a similar service under the now-defunct Duet AI branding. That one became generally available in late 2023, but even then, Google already hinted that it would move the service away from its Codey model to Gemini in the near future. Code Assist is both a rebrand of the older service as well as a major update.

Code Assist, which Google Cloud demoed at its 30,000-attendee conference in Las Vegas, will be available through plug-ins for popular editors like VS Code and JetBrains.

Even more so than the Duet AI version, Code Assist is also a direct competitor to GitHub’s Copilot Enterprise and not so much the basic version of Copilot. That’s because of a few Google-specific twists.

Among those is support for Gemini 1.5 Pro, which famously has a million-token context window, allowing Google’s tool to pull in a lot more context than its competitors. Google says this means more-accurate code suggestions, for example, but also the ability to reason over and change large chunks of code.

“This upgrade brings a massive 1 million-token context window, which is the largest in the industry. This allows customers to perform large-scale changes across your entire code base, enabling AI-assisted code transformations that were not possible before,” Brad Calder, Google’s VP and GM for its cloud platform and technical infrastructure, explained in a press conference ahead of Tuesday’s announcement.

Image Credits: Google

Like GitHub Enterprise, Code Assist can also be fine-tuned based on a company’s internal code base.

“Code customization using RAG with Gemini Code Assist significantly increased the quality of Gemini’s assistance for our developers in terms of code completion and generation,” said Kai Du, Director of Engineering and Head of Generative AI at Turing. “With code customization in place, we are expecting a big increase in the overall code-acceptance rate.”

This functionality is currently in preview.

Image Credits: Frederic Lardinois/TechCrunch

Another feature that makes Code Assist stand out is its ability to support codebases that sit on-premises, in GitLab, GitHub and Atlassian’s BitBucket, for example, as well as those that may be split between different services. That’s something Google’s most popular competitors in this space don’t currently offer.

Google is also partnering with a number of developer-centric companies to bring their knowledge bases to Gemini. Stack Overflow already announced its partnership with Google Cloud earlier this year. Datadog, Datastax, Elastic, HashiCorp, Neo4j, Pinecone, Redis, Singlestore and Snyk are now also partnering with Google through similar partnerships.

The real test, of course, is how developers will react to Code Assist and how useful its suggestions are to them. Google is making the right moves here by supporting a variety of code repositories and offering a massive context window, but if the latency is too high or the results simply aren’t that good, none of those features matter. And if it’s not significantly better than Copilot, which had quite a headstart, it may end up suffering the fate of AWS’ CodeWhisperer, which seems to have close to zero momentum.

It’s worth noting that in addition to Code Assist, Google today also announced the launch of CodeGemma, a new open model in its Gemma family that was fine-tuned for code generation and assistance. CodeGemma is now available through Vertex AI.

Image Credits: Frederic Lardinois/TechCrunch

Cloud Assist

In addition to Code Assist, Google also today announced Gemini Cloud Assist to help “cloud teams design, operate, and optimize their application lifecycle.” The tool can generate architecture configuration that are tailored to a company’s needs, for example, based on a description of the desired design outcome. It can also help diagnose issues and find their root causes, as well as optimize a company’s cloud usage to reduce cost or improve performance.

Cloud Assist will be available through a chat interface and embedded directly into a number of Google Cloud products.

Software Development in Sri Lanka

Robotic Automations

Betaworks bets on AI agents in latest 'Camp' cohort | TechCrunch

Betaworks is embracing the AI trend not with yet another LLM, but instead a clutch of agent-type models automating everyday tasks that nevertheless aren’t so simple to define. The investor’s latest “Camp” incubator trained up and funded 9 AI agent startups they hope will take on today’s more tedious tasks.

The use cases for many of these companies sound promising, but AI tends to have trouble keeping its promises. Would you trust a shiny new AI to sort your email for you? What about extracting and structuring information from a webpage? Will anyone mind an AI slotting meetings in wherever works?

There’s an element of trust that has yet to be established with these services, something that occurs with most technologies that change how we act. Asking MapQuest for directions felt weird until it didn’t — and now GPS navigation is an everyday tool. But are AI agents at that stage? Betaworks CEO and founder John Borthwick thinks so. (Disclosure: Former TechCrunch editor and Disrupt host Jordan Crook left TC to work at the firm.)

“You’re keying into something that we’ve spent a lot of time thinking about,” he told TechCrunch. “While agentic AI is in its nascence — and there are issues at hand around success rates of agents, etc — we’re seeing tremendous strides even since Camp started.”

While the tech will continue improving, Borthwick explained some customers are ready to embrace it in its current state.

“Historically, we’ve seen customers take a leap of faith, even with higher-stakes tasks, if a product was ‘good enough.’ The original, despite doing interesting things with OCR and email scraping, didn’t always get it right, and users still trusted it with thousands of dollars worth of transactions because it made a terrible task less terrible. And over time, through highly communicative interface design, the feedback loops from those customers created an even better, more reliable product,” he said.

“For now, most of the early users of the products in Camp are developers and founders and early tech adopters, and that group has always been willing to patiently test and deliver feedback on these products, which eventually leap over to the mainstream.”

Betaworks Camp is a three-month accelerator in which selected companies in the chosen theme get hands-on help with their product, strategy, and connections before getting shooed out the door with a $500K check — courtesy of Betaworks itself, Mozilla Ventures, Differential Ventures, and Stem AI. But not before the startups strut their stuff on demo day, May 7.

We got a look at the lineup beforehand, though. Here are the three that stuck out to me the most.

Twin automates tasks using an “action model” the likes of which we’ve heard Rabbit talk about for a few months now (but have not yet shipped). By training a model on lots of data representing software interfaces, it can (these companies claim) learn how to complete common tasks, things that are more complex than an API can handle, yet not so much that they can’t be delegated to a “smart intern.” We actually wrote them up back in January.

So instead of having a backend engineer build a custom script to do a certain task, you can demonstrate or describe in ordinary language. Stuff like “put all the resumés we got today in a folder in Dropbox and rename them after the applicant, then DM me the share link in Slack.” And once you’ve tweaked that workflow (“Oops, this time add the application date to the file names”) it can just be the new way that process works. Automate the 20% of tasks that take up 80% of our time is the company’s goal — whether it can do so affordably is probably the real question. (Twin declined to elaborate on the nature of their model and training process.)

Skej aims to ameliorate the occasionally painful process of finding a meeting time that works for two (or three, or four…) people. You just cc the bot on an email or Slack thread and it’ll start the process of reconciling everyone’s availability and preferences. If it has access to schedules, it’ll check those; if someone says they’d prefer the afternoon if it’s on Thursday, it works with that; you can say some people get priority; and so on. Anyone who works with a skilled executive assistant knows they are irreplaceable, but chances are every EA out there would rather spend less time on tasks that are just a bunch of “How about this? No? How about this?”

Image Credits: Skej

As a misanthrope, I don’t have this scheduling problem, but I appreciate that others do, and also would prefer a “set it and forget it” type solution where they just acquiesce with the results. And it’s well within the capabilities of today’s AI agents, which would primarily be tasked with understanding natural language rather than forms.

Jsonify is an evolution of website scrapers that can extract data from relatively unstructured contexts. This has been done for ages, but the engine extracting the info has never been all that smart. If it’s a big, flat document they work fine — if it’s in on-site tabs or some poorly coded visual list meant for humans to click around, they can fail. Jsonify uses the improved understanding of today’s visual AI models to better parse and sort data that may be inaccessible to simple crawlers.

Image Credits: Jsonify

So you could do a search for Airbnb options in a given area, then have Jsonify dump them all into a structured list with columns for price, distance from the airport, rating, hidden fees etc. Then you could go do the same thing at Vacasa and extract the same data — maybe for the same places (I did this and saved like $150 the other day, but I wish I could have automated the process). Or, you know, do professional stuff.

But doesn’t the imprecision inherent to LLMs make them a questionable tool for the job? “We’ve managed to build a pretty robust guardrail and cross-checking system,” said founder Ananth Manivannan. “We use a few different models at runtime for understanding the page, which provide some validation — and the LLMs we use are fine-tuned to our use case, so they’re usually pretty reliable even without the guardrail layer. Typically we see 95%+ extraction accuracy, depending on the use case..”

I could see any of these being useful in probably any tech-forward business. The others in the cohort are a bit more technical or situational — here are the remaining 6:

  • Resolvd AI – agentic automation of cloud workflows. Feels useful until bespoke integrations catch up to it.
  • Floode – an AI inbox wrangler that reads your email and finds the important stuff while preparing appropriate responses and actions.
  • Extensible AI – is your AI regressing? Ask your doctor if Extensible is the right testing and logging infra for your deployment.
  • Opponent – a virtual character meant for kids to have extensive interactions and play with. Feels like a minefield ethically and legally but someone’s got to walk through it.
  • High Dimensional Research – the infra play. A framework for web-based AI agents with a pay-as-you-go model so if your company’s experiment craters, you only owe a few bucks.
  • Mbodi – generative AI for robotics, a field where training data is comparatively scarce. I thought it was an African word but it’s just “embody.”

There’s little doubt AI agents will play some role in the increasingly automated software workflows of the near future, but the nature and extent of that role is as yet unwritten. Clearly Betaworks aims to get their foot in the door early even if some of the products aren’t quite ready for their mass market debut just yet.

You’ll be able to see the companies show of their agentic wares on May 7.

Software Development in Sri Lanka

Robotic Automations

YC's latest Demo Day shows fascinating wagers on healthcare, chip design, AI and more | TechCrunch

The second half of Y Combinator’s Winter 2024 cohort presented on Thursday, once again bringing dozens and dozens of new startups before a chunk of the venture investing community. As we did on Wednesday, a number of the TechCrunch crew watched the entire run of presentations, picking out a handful of favorites to highlight.

Enjoy our favorites from the second round of Y Combinator demos while we go out and buy another few pots of coffee. To work!

TechCrunch’s staff favorites


  • What it does: Lets electrical engineers design circuit boards using code
  • Why it’s a fave: Lots of electrical engineering work on circuit boards is done via GUIs. Who knew? Not this writer, which is why Atopile piqued my interest immediately. The startup, co-founded by Matt Wildoer, Timothée Peter and Narayan Powderly, aims to bring design reuse, version control and automation to hardware design — aspects that the trio claims are seriously lacking in existing design tools. Instead of forcing electrical engineers to draw schematics by hand and validate every small change on test benches, Atopile captures a product’s requirements using a custom programming language and, from there, builds and validates the necessary manufacturing files. Nifty.
  • Who picked it: Kyle


  • What it does: A platform for vets to run their practices
  • Why it’s a fave: So, platforms to run vet businesses aren’t new, as I’ve discovered after a cursory Google search (or a few). BUT, Scritch’s co-founders — Claire Lee and Rachel Lee — say that what makes theirs different is a heavy reliance on automation. Scritch handles scheduling, billing and clinical workflows as well as inventory management and care coordination. In addition, the platform supports vet customers by filing insurance claims on their behalf — which sounds like a very attractive feature for this would-be pet owner.
  • Who picked it: Kyle


  • What it does: Postgres vector search tool
  • Why it’s a fave: If you cover the AI world at all, you’ve heard of vectors. There are companies like Semi that have raised lots of capital for their own open source vector database software, for example. Lantern sells a hosted Postgres vector database on its own Lantern Cloud. Its pitch: their product is cheaper than a similar offering from AWS. Continuing my hunt for the startups that might make lots of picks-and-shovels money from the AI boom, I’m adding Lantern to the list.
  • Who picked it: Alex


  • What it does: AI agents for task automation
  • Why it’s a fave: There has been lots of talk about using AI to replace workers who execute repetitive tasks. More interesting in the near-term are AI tools that help those same workers do more, faster. That’s what Paradigm is building for the marketing and sales market use cases, with a human-in-the-loop angle. I’ve spent enough time with business development representatives and account executives to know that the market for this tech could be huge.
  • Who picked it: Alex

Just words

  • What it does: GenAI to help companies write better
  • Why it’s a fave: When Just Words founder Neha Mittal worked at Twitter and Pinterest she discovered that minor word changes in user-facing communications had a big impact on engagement rates. That tracks with what I’ve learned writing online. The startup’s plan to bring a similar sort of boost to customers may prove popular; I chose it as a favorite because it fits neatly into a theme I have noticed since the rise of ChatGPT and similar services: people hate writing. They don’t want to do it! So, tools that help people not write are going to be big.
  • Who picked it: Alex


  • What it does: Builds apps and refines them from text prompts
  • Why it’s a fave: I love two things about this. First, it has $47,000 worth of monthly recurring revenue — $564,000 ARR — from 140 customers in less than a quarter. That’s a lot, quickly. And second, because of the way that it describes an interactive approach to app development, in which you answer questions and then it codes up what you have in mind. I am downloading Visual Studio to give this a try, but the concept itself is very appealing to me, someone who has not really written code since high school. (Later in the day, Marblism shared a related pitch that I would be remiss to not include here.)
  • Who picked it: Alex


  • What it does: AI-power shipment management for commodities trading
  • Why it’s a fave: Trading commodities involves cross-border communication, strict adherence to import laws and a lot of paperwork. CommodityAI’s mission — to bring all the invoices and paperwork involved in commodities trading online and add a collaboration layer on top of it — makes a lot of sense. This seems like a big improvement over parties having to call each other in other countries to double-check numbers and data on paper documents — if they can find them.
  • Who picked it: Becca


  • What it does: Partners with apparel retailers to allow shoppers to try on clothes virtually
  • Why it’s a fave: I don’t love buying clothes online because it’s hard to predict what items will look like on my body, and sending packages back is a pain. Kopia wants to help consumers visualize how outfits will fit by dressing an avatar that mimics the person’s body type. Other startups have tried the idea of a virtual fitting room, but I still haven’t seen these tools available on shopping sites. Will Kopia’s product pique retailers’ interest? Hard to say, but I hope that they or another company figures this out because I sure need a wardrobe update.
  • Who picked it: Marina

Care Weather

  • What it does: More accurate weather data using low-cost flat satellites
  • Why it’s a fave: Getting weather forecasts correct is incredibly important because inclement weather can affect people, structures and supply chains. I really like that this company is not only trying to make weather forecasts more accurate, but that it’s doing so by building less-expensive satellites. The company says its tech is 17x more accurate for predicting weather outcomes than existing systems — a lofty statement. Even if it’s not as accurate as the startup claims, I’m a fan of anything that will better help me predict when my building’s basement is going to flood.
  • Who picked it: Becca


  • What it does: Infrastructure for card issuer processing and core banking for businesses in Sub-Saharan Africa
  • Why it’s a fave: Technology for Sub-Saharan Africa is not something you hear of often in startup land; tech for B2B companies located in that region is even less common. Building fintech infrastructure so that companies can issue cards, or even just file expense reports, seems like a smart foundation for the company to get customers and then expand into other fintech products. The tech Miden is building is clearly in demand: The startup said it is already profitable and seeing strong traction so far.
  • Who picked it: Becca

Oma Care

  • What it does: Helps pay family caregivers.
  • Why it’s a fav: The caregiving market is growing, and there is a massive opportunity — and demand — to make such a daunting experience flow a bit easier. I liked this app because there have been studies that show that caregiving duties most often fall on women, as they are more than twice as likely to be caregivers compared to men. Most often, they do not get paid for this, adding to the stat that women’s unpaid labor globally is worth more than $10 trillion. I welcome anything that tries to address this issue, and I’m excited to see more innovation in this space.
  • Who picked it: Dom


  • What it does: Marketplace for used fire-fighting equipment
  • Why it’s a fave: This is such a neat idea! Outfitting one firefighter costs a couple thousand dollars, so creating a way for these departments to get gear without spending a lot of money seems smart. That’s especially true, considering you wouldn’t want budget concerns to prevent fire stations from getting their firefighters the safest gear. Sometimes good ideas for technology aren’t complicated.
  • Who picked it: Becca


  • What it does: Al-powered time tracking and billing for lawyers
  • Why it’s a fave: PointOne co-founder Adrian Parlow, who was previously an attorney at Fenwick & West, says that one of the worst parts of being a lawyer is having to track time in six-minute increments. I am not a lawyer or a paralegal, but I imagine figuring out how many fractions of an hour went to each client is tedious and time-consuming. PointOne claims that advances in AI can automate timesheet generation by capturing work done on lawyers’ laptops and computers. I am a big fan of all applications that reduce professionals’ busy work. Now can somebody figure this out for filing expenses?
  • Who picked it: Marina

Software Development in Sri Lanka